CN104509065B - Human interaction proof is used as using the ability of speaking - Google Patents

Human interaction proof is used as using the ability of speaking Download PDF

Info

Publication number
CN104509065B
CN104509065B CN201380040948.3A CN201380040948A CN104509065B CN 104509065 B CN104509065 B CN 104509065B CN 201380040948 A CN201380040948 A CN 201380040948A CN 104509065 B CN104509065 B CN 104509065B
Authority
CN
China
Prior art keywords
user
human interaction
biological characteristic
interaction proof
entrance
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201380040948.3A
Other languages
Chinese (zh)
Other versions
CN104509065A (en
Inventor
C.米尔斯
R.辛
S.劳菲尔
S.钟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing LLC filed Critical Microsoft Technology Licensing LLC
Publication of CN104509065A publication Critical patent/CN104509065A/en
Application granted granted Critical
Publication of CN104509065B publication Critical patent/CN104509065B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G10MUSICAL INSTRUMENTS; ACOUSTICS
    • G10LSPEECH ANALYSIS OR SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING; SPEECH OR AUDIO CODING OR DECODING
    • G10L17/00Speaker identification or verification
    • G10L17/06Decision making techniques; Pattern matching strategies
    • G10L17/08Use of distortion metrics or a particular distance between probe pattern and reference templates
    • GPHYSICS
    • G10MUSICAL INSTRUMENTS; ACOUSTICS
    • G10LSPEECH ANALYSIS OR SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING; SPEECH OR AUDIO CODING OR DECODING
    • G10L17/00Speaker identification or verification
    • G10L17/22Interactive procedures; Man-machine interfaces
    • G10L17/24Interactive procedures; Man-machine interfaces the user being prompted to utter a password or a predefined phrase
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha

Abstract

Human interaction proof entrance determines that user is Standard User or bad actor using biological characteristic input.Human interaction proof entrance receives the access request to online data services from user equipment and will demonstrate that inquiry is sent to user equipment to be presented to user.Human interaction proof entrance receives the proof response with the biological characteristic metadata description based on the biological characteristic input from user from user equipment.

Description

Human interaction proof is used as using the ability of speaking
Background technology
Data, services can provide free service on the internet.Malicious entities, which can be used, pretends for the soft of human user Part application come utilize these service.Over-burden, kidnaps data clothes for the server that software application can cause for data, services Business uses for illegal, or interrupts normally using for data, services.For example, software application, which can be set up, forges free electricity Sub- mail account is to send spam, storage sale product is for illegal purpose, or can peel off excavation(strip mine)Public database.
The content of the invention
Present invention is provided to introduce in simplified form and is further described in a specific embodiment below Concept selection.Present invention is not intended to the key feature or essential feature for identifying theme claimed, and it is not yet It is intended to the scope for being used to limit theme claimed.
The embodiment being discussed below is directed to use with biological characteristic(biometric)Input to determine that user is that standard is used Family or bad actor.Human interaction proof entrance can receive the access request to online data services from user equipment. Human interaction proof entrance can will demonstrate that inquiry(challenge)User equipment is sent to be presented to user.The mankind Interaction proof entrance can be received from user equipment with the biological characteristic metadata based on the biological characteristic input from user The proof response of description.
Brief description of the drawings
In order to describe more particularly to describe to be explained in the way of it obtains record above and further advantage and feature State and will be presented by reference to being illustrated its specific embodiment in the accompanying drawings.Understand that these accompanying drawings are depicted only typical Embodiment and being therefore not to be regarded as limit its scope, embodiment will utilize additional characteristic and thin by using accompanying drawing Section is described and illustrated.
One embodiment of Fig. 1 block diagram data in graph form networks.
Fig. 2 illustrates one embodiment of computing device with block diagram.
Fig. 3 performs one embodiment of biological characteristic human interaction proof session with flow chart illustration.
Fig. 4 illustrates metadata with block diagram proves one embodiment of response.
Fig. 5 is used for the method that human interaction proof session is carried out using human interaction proof entrance with flow chart illustration One embodiment.
Fig. 6 have with flow chart illustration user side handle be used for carry out human interaction using human interaction proof entrance Prove one embodiment of the method for session.
Fig. 7 flow chart illustrations are used for the one embodiment for analyzing the method for biological characteristic metadata description.
Fig. 8 is used for an implementation of the method that human interaction proof session is carried out using user equipment with flow chart illustration Example.
Fig. 9 have with flow chart illustration user side handle be used for carry out human interaction proof session using user equipment Method one embodiment.
Embodiment
Embodiment is discussed in detail below.Although particular comes into question, however, it is understood that this is made only For illustration purposes.Those skilled in the relevant art are it will be recognized that in the spirit and scope for the theme for not departing from present disclosure In the case of can use other components and configuration.Embodiment can be the method for machine implementation, be stored in it with detailed description On the method at least one processor one group of instruction tangible computer readable storage medium, or human interaction proof Entrance.
Human interaction proof entrance can be protected to online data services by will demonstrate that inquiry is sent to user equipment Access.It is to seek from one in user's one group of one or more action of extraction to determine whether the user is to dislike to prove inquiry One group of text, a digital picture or the one group of voice data of meaning actor.It is by implementing such as according to card by user to prove response Act to solve to prove the trial of inquiry determined by bright inquiry.It is correctly to solve to prove the user of inquiry to prove inquiry response Action.User equipment can receive biological characteristic input to create the proof response for proving inquiry from user.It is biological special It is to identify the input that the mankind of user produce to levy input, such as speech, fingerprint or face-image.Human interaction proof entrance can be with Whether it is human user that user is determined based on biological characteristic input.
For example, human interaction proof entrance can select the proof to be sent to user to inquire to draw audio from user Response is used as proof response.It can be the one group of text read for user or the problem solved for user to prove inquiry, such as User is asked to say 124 and 54 sum.User can be roared by proving the text of inquiry extraction to the microphone of user equipment In.User equipment can record audio input and the audio input is sent back into human interaction proof entrance.Human interaction Prove that entrance can handle audio recording to confirm that user is the mankind.Human interaction proof entrance can use speech recognition to test Card text is correctly said.Human interaction proof entrance can use VODER to detect to verify that audio input comes from people Class rather than the automated system of generation response.Human interaction proof entrance can create vocal print to verify single sweatshop (sweatshop)User is not creating a large amount of accounts.Human interaction proof entrance can determine whether user successfully solves Certainly human interaction proof.Then audio recording and spoken language text can be used to make more preferable speech recognition and phonetic synthesis System.
Text Flag can be that the proof said for user is inquired by human interaction proof entrance.Prove inquiry can be from The text randomly chosen in any other corpus of public domain works, scientific literature or text.Text can be selected to carry There may be difficult voice data when being handled for speech recognition or speech synthesis system.
Human interaction proof entrance can be sent to user using text as proof inquiry.Text can be displayed on net Stand, in the control on client application, TV or other display screens.Alternatively, it can be broadcast text as audio file Put, so as to say selected text.Human interaction proof entrance can start to say text with instruction user.To the record of text Can be automatically either by Client-initiated.For example, user can click on button to make text show and be expected to be somebody's turn to do User reads text immediately.Alternatively, it was demonstrated that inquiry can exist when accessing online data services, wherein whenever user chooses When the user start read.
The record of this voice data can be transmitted back to human interaction proof entrance by user equipment.User equipment can be with By audio recording into the audio layer III forms of motion characteristics planning -1 or MP3, and record is sent back into the mankind as file Interaction proof entrance.Alternatively, user equipment can extract the feature specified, such as the time function frequency or conduct The loudness of the function of time.Specified feature can be sent back to human interaction proof entrance to reduce bandwidth by user equipment Using or server computation times.Human interaction proof entrance or user equipment, which can be generated, to be referred to as biological characteristic metadata and retouches The specified feature stated.
Human interaction proof entrance can determine that provided audio input or the description of biological characteristic metadata are indicated whether The text roared by the mankind.Further, human interaction proof entrance can determine whether speech belongs to and access The user for spending service capacity.Human interaction proof entrance can be by serially, perform concurrently or with some combination of the two Voice verification determines whether user is bad actor.
Human interaction proof entrance can determine to prove that the speech utterance recorded in response is proved provided in inquiry The spoken version of text.Because just identified particular text is known by the system, closed domain audio recognition method can be significantly Ground simplifies speech recognition component.Human interaction proof entrance can be tolerant to avoid wrong report to receiving suspicious speech, because additional Checking can prevent abuse.
Human interaction proof entrance can verify that spoken language text is the result of the mankind rather than VODER.The mankind hand over Grader can be used to make this checking by mutually proving entrance.It can be very dull sounding to synthesize voice so that voice It is different enough from normal human subject voice so that individually normal human subject voice is identified according to sound is possible.VODER can Continually to make each sound phoneme that mankind's record is used when saying language-specific.Text can be translated into one by VODER Serial phoneme.The phoneme correspondingly recorded smoothly can be concatenated together by VODER, to prevent quivering for voice signal Move with distortion to increase authenticity.The smooth presence that a limited number of record sound and this machine are generated can help pairing Into the detection of voice.
In addition, grader can use the knowledge of existing VODER model.By by phonetic entry comparison needle pair The anticipated output from known synthesizer model of text to be authenticated is compared, and grader can be detected to be synthesized by known One in the device type of input source that is generated.The database of synthesizer model can be found with new model and by more Newly.The use of multiple classification schemes can increase accuracy.
The mode that misuser can solve human interaction proof is to employ sweatshop manually to solve to prove to ask Ask.Human interaction proof entrance can use the vocal print even vocal print of anonymity, and to track same human use, it is ask to solve proof The frequency asked.Human interaction proof can be used to create a log assembly that account and for suppressing the access to important Service Source, so that Same user is set to be verified repeatedly.However, misuser can be typically with for proving that more proofs of inquiry are rung It should be operated in much bigger scale.By will be used by the number and frequency limit of the checking of vocal print to the legal of service Consistent number, human interaction proof entrance can identify sweatshop user.
Human interaction proof entrance can protect against involving mankind's speech by making vocal print associated with user account Sweatshop's formula attack of person.Such association can be used for user account be created provide afterwards proof inquiry.It is right For the specific human interaction proof session of account, human interaction proof entrance is built sign using user speech input and used The user model of family vocal print.Human interaction proof entrance can input to strengthen user's mould by the polymerization from multiple sessions Type.Meanwhile, human interaction proof entrance can use the user model to verify each human interaction proof input.If input Make a speech and be not suitable for the user model of user account during verifying, then human interaction proof entrance can determine that spokesman fails back Should(fail)Inquiry.The database of user model can be used for other purposes, such as user authentication.Human interaction proof entrance It can use from other voice sources(Such as speech information is transmitted)Phonetic entry expand user model.
Additionally, human interaction proof entrance can perform smoothness verification, audio database verification or vocal print uniformity Check to verify that multiple audio fragments from other sources are not spliced together to generate response.With new abuse technology quilt Invention, human interaction proof entrance can add additional verification to relax abuse technology or adjustment voice verification in terms of and excessively Use technology.
Once human interaction proof entrance has verified that user, human interaction proof entrance be assured that user whether by Authorize and access online data services or online data resource.Human interaction proof entrance can limit the amount for being consumed resource.Such as Fruit proves that response successfully solves to prove inquiry, then human interaction proof entrance can verify user.Alternatively, human interaction is demonstrate,proved Bright entrance can apply a series of logic rules to the description of biological characteristic metadata.Human interaction proof entrance can be by confidence point Number distributes to each aspect of biological characteristic metadata description.Human interaction proof entrance can be to each aspect and confidence score Using Machine learning classifiers, and predict whether user is the mankind for being authorized to online data services.
Therefore, in one embodiment, human interaction proof entrance can use biological characteristic to input to determine that user is Standard User or bad actor.Human interaction proof entrance can receive the access to online data services from user equipment Request.Human interaction proof entrance can will demonstrate that inquiry is sent to user equipment to be presented to user.Human interaction is demonstrate,proved Bright entrance can be received from user equipment to be retouched with the biological characteristic metadata response based on the biological characteristic input from user The proof response stated.The biological characteristic metadata that human interaction proof entrance can analyze description biological characteristic input describes to mark Know mankind sweatshop.
One embodiment of Fig. 1 block diagram data in graph form networks 100.User equipment 110 can be connected via data network 130(Such as internet)It is connected to data server 120.User equipment 110 can be accessed as performed by data server 120 Online data services 122.Online data services 122 can use human interaction proof(HIP)Entrance 140 is protected in line number According to the access of service 122.Human interaction proof entrance 140 can be demonstrate,proved by data server 120 or by single human interaction Prescribed server 150 is performed.
Human interaction proof entrance 140 can be by by proving that one or more proofs that inquiry database 160 is provided are inquired It is sent to user equipment 110.Human interaction proof entrance 140 can generate proof inquiry to be presented to user.Prove to ask Biological characteristic input can be sought as proof response from user by asking.Biological characteristic input is the biologically generation for identifying the mankind Input, voice, fingerprint or the image of such as user.Human interaction proof server 150 then can handle proof response with Verify that user is the mankind.Human interaction proof entrance 140 can further check card based on the biological characteristic input from user It is bright to respond to determine whether the user comes from mankind sweatshop.
For the audio input from user, human interaction proof server 150 can ask the audio input with proving Ask that response compares, while the biological characteristic metadata for handling audio input describes to verify that the audio input is not computer life Into or mankind sweatshop product.Human interaction proof server 150 can be converted to audio input text formatting, sound Frequency form or any intermediate form are to determine with proving to inquire matching for response.The description of biological characteristic metadata can be handed in the mankind Mutually prove to be generated from audio input at server 150.Alternatively, human interaction proof entrance can will change applet (applet)112(The small-sized application based on web)Install on user equipment 110 to generate the description of biological characteristic metadata.When The network bandwidth can use conversion applet 112 when transmission audio file may be caused unrealistic.
Human interaction proof server 150 can have sound identification module 152 to convert auditory input into text word Or other intermediate forms are for compared with proving inquiry response.Human interaction input proves that server 150 can have and closed Detection module 154 is grown up to be a useful person to verify that audio input is that non-audio synthesizer is produced by the mankind.Synthesizer detection module 154 can To analyze the tonal variations of audio input(It is referred to as dullness(flatness)Aspect)And by audio input and known audio Synthesizer compares.Human interaction input proves that server 150 can have voiceprint analysis module 156 to be to determine the same mankind It is no to produce audio input.Voiceprint analysis module 156 can determine whether account has same user and same use every time Whether family uses multiple accounts, and both can indicate mankind sweatshop.
Fig. 2 is illustrated can showing as user equipment 110, data server 120 or human interaction proof server 150 The block diagram of plasticity computing device 200.Computing device 200 can be with one in combination hardware, software, firmware and system-on-chip technology It is individual or multiple to implement user equipment 110, data server 120 or human interaction proof server 150.Computing device 200 can To be connect including bus 210, processor 220, memory 230, data storage device 240, input-output apparatus 250 and communication Mouth 260.Bus 210 or the interconnection of other components can permit the communication between the component of computing device 200.
Processor 220 can include at least one conventional processors or microprocessor for explaining and performing one group of instruction. Memory 230 can be storage information and instruct the random access memory for being performed by processor 220(RAM)Or it is another The dynamic data storage device of type.What memory 230 was used during can also being stored in by the execute instruction of processor 220 faces Variations per hour or other average informations.
Data storage device 240 can include storing static information and the conventional ROM device or another of instruction for processor 220 The static data storage device of one type.Data storage device 240 can include any kind of tangible computer readable storage Medium, such as magnetically or optically record media(Such as digital video disc)And its corresponding driver.With signal on the contrary, tangible Computer-readable recording medium is the physical medium for storing machine readable code or instruction.Instruction is set to be stored in as retouched herein On the calculating readable media stated can with make diffusion of instructions or transmission distinguish because propagate will instruction shifted, with it is all if What is enough occurred with the computer-readable medium with the instruction being stored thereon stores instruction progress relatively.Therefore, remove It is non-it is further noted that otherwise with this form or similar type to the computer-readable media with the instruction being stored thereon or Jie Matter refer to data and can be stored or maintained at tangible medium thereon.Data storage device 240 can be stored in detail One group of instruction of method is stated, it is described that the instruction when executed by one or more processors implements one or more processors Method.Data storage device 240 can also be proves the database or database interface of inquiry for storing.
Input-output apparatus 250 can include allowance user and enter information into the one or more normal of computing device 200 Gauge mechanism, keyboard, mouse, voice recognition devices, microphone, headphone, gesture identification equipment, touch-screen etc..It is defeated Enter/output equipment 250 can include outputting information to one or more Conventional mechanisms of user, including display, printer, One or more loudspeakers, headphone or medium, such as memory or disk or CD and corresponding disk drive.It is logical Letter interface 260 can include enabling any transceiver-like machine that computing device 200 is communicated with miscellaneous equipment or network Structure.Communication interface 260 can include network interface or transceiver interface.Communication interface 260 can be wave point, wireline interface Or optical interface.
Computing device 200 can perform in response to processor 220 and be included in computer-readable recording medium(Such as, for example, Memory 230, disk or CD)In command sequence implement such function.Such instruction can be calculated from another Machine readable storage medium storing program for executing(Such as data storage device 240)Or from single equipment read storage via communication interface 260 In device 230.
Fig. 3 performs one embodiment of biological characteristic human interaction proof session 300 with flow chart illustration.User equipment Access request 302 can be sent to human interaction proof entrance 140 by 110.Human interaction proof entrance 140 can will demonstrate that inquiry Ask that 304 return to user equipment 110.Prove that inquiry 304 can be text chunk or audio words.Text chunk can be distortion text Word, the text word for being modified to the text word that presentation can not be read by optical character identification.Audio words are broadcast by user equipment 110 Put the audio file listened to for user.Alternatively, it was demonstrated that inquiry can describe the action implemented for user, such as apply finger tip It is added to trace reading machine or is smiled for digital image capture.
User equipment 110 can will demonstrate that response 306 is supplied to human interaction proof entrance 140 to solve to prove inquiry 304.It can be the digital image capture of biological characteristic input, such as audio input, fingerprint or face to prove response 306.Audio Input, which can produce user, which says, proves the audio file of inquiry word.If privacy is not problem, fingerprint or digital picture are caught User can specifically be identified by obtaining.Whether human interaction proof entrance 140 may further determine that the description of biological characteristic metadata Whether instruction user is bad actor, such as mankind sweatshop or software application.
Bandwidth problem significantly can slow down user.Human interaction proof entrance 140 can will change applet 112 are sent to user equipment 110 proves to respond to produce metadata from audio input so that prove that response can be used less Bandwidth.Although the metadata produced by conversion applet proves that response can preserve bandwidth, metadata proves response May be less safe.
Fig. 4 illustrates one embodiment of the metadata proof response 400 for audio input with block diagram.Metadata proves to ring Answer 400 can have and indicate that human interaction proof entrance 140 receives metadata and proves the human interaction proof entrance of response 400 Address 410.Metadata proof response 400, which can have, responds expression 420, such as text word, audio file, or small by changing Other intermediate forms that the voice recognition module of application program 112 is generated from audio input are represented.Metadata proves that response can be with 430 are described with the biological characteristic metadata based on the biological characteristic input from user.Biological characteristic metadata describes 430 can With with by changing the vocal print 432 that applet 112 is generated from audio input.Vocal print 432 can identify user.It is biological special Levy metadata describe 430 can have by changing the level 434 that applet 112 is generated from audio input.Level 434 is retouched State the volume throughout audio input.Biological characteristic metadata, which describes 430, to be had by changing applet 112 from audio Input the tone 436 of generation.Tone 436 describes the frequency elapsed over time of audio input.Biological characteristic metadata is described 430 can have by changing the speed 438 that applet 112 is generated from audio input.Speed 438 can be described for creating Build the length of the time of audio input.Metadata proves that response 400 can have and is attached to first number by conversion applet 112 It is demonstrated that the digital signature 440 of response 400.Digital signature 440 can indicate that metadata proves response 400 from the small application of conversion Program 112 and not the deception response from bad actor.Metadata proves that response 400 can have device address 450 (Such as Internet protocol address)To identify the user equipment 110 for sending metadata proof response 400.Metadata proves response 400 can have assist in user whether be bad actor other data, such as network credit data, equipment Reputation Number According to this and human interaction proof entrance 140 is helped to identify the other information of bad actor.
Human interaction proof entrance 140 can receive biological characteristic input as proof response 306.Fig. 5 flow chart figures Show one embodiment of the method 500 for carrying out human interaction proof session 300 using human interaction proof entrance 140. Human interaction proof entrance 140 can receive the access request 302 to online data services 122 from user equipment 110(Block 502).Human interaction proof entrance 140 can the proof by selection inquiry 304 from proof inquiry database 160(Block 504).The mankind Interaction proof entrance 140 can will demonstrate that inquiry 304 is sent to user equipment 110 to be presented to user(Block 506).Example Such as, human interaction proof entrance 140 can send audio words as proof inquiry 304.
Human interaction proof entrance 140 can be received from user equipment 110 based on the biological characteristic input from user Prove response 306(Block 508).Human interaction proof entrance 140 can generate the description of biological characteristic metadata from response 306 is proved (Block 510).Human interaction proof entrance 140 can be by biological characteristic input with proving that inquiry response compares(Block 512).The mankind Interaction proof entrance 140 can analyze the biological characteristic metadata description that description biological characteristic is inputted according to response 306 is proved To identify bad actor, such as mankind sweatshop(Block 514).
If user is not in the case where producing any mark by proving inquiry 304(Block 516), then human interaction demonstrate,prove Bright entrance 140 can permit the access 308 to user account based on biological characteristic input(Block 518).If user is not producing Proof inquiry 304 is not yet passed in the case of raw any mark(Block 516), then human interaction proof entrance 140 can refuse pair The access 308 of online data services 122(Block 520).
Human interaction proof entrance 140 can be by being described for that the biological characteristic created by user equipment 110 is inputted Prove response 306.Fig. 6 have with flow chart illustration user side handle be used for carried out using human interaction proof entrance 140 One embodiment of the method 600 of human interaction proof session 300.Human interaction proof entrance 140 can be from user equipment 110 Receive the access request 302 to online data services 122(Block 602).Human interaction proof entrance 140 can send for by with The conversion applet 112 that family equipment 110 is installed(Block 604).Human interaction proof entrance 140 can inquire data from proof Proof by selection inquiry 304 in storehouse 160(Block 606).Human interaction proof entrance 140 can will demonstrate that inquiry 304 is sent to user Equipment 110 is for being presented to user(Block 608).For example, human interaction proof entrance 140 can send text chunk(Such as lose True text word)It is used as proof inquiry 304.
Human interaction proof entrance 140 can be received from user equipment 110, and there is response to represent and based on from user's The proof response 306 of the biological characteristic metadata description of biological characteristic input(Block 610).Human interaction proof entrance 140 can be with By biological characteristic input with proving that inquiry response compares(Block 612).Human interaction proof entrance 140 can be responded according to proof 306 describe to identify bad actor, such as mankind's blood and sweat work to analyze the biological characteristic metadata of description biological characteristic input Factory(Block 614).
If user is not in the case where producing any mark by proving inquiry 304(Block 618), then human interaction demonstrate,prove Bright entrance 140 can be based on biological characteristic import admission to user account access 308(Block 620).If user is not producing Proof inquiry 304 is not yet passed in the case of any mark(Block 618), then human interaction proof entrance 140 can refuse to The access 308 of line data, services 122(Block 622).
For the audio input inputted as biological characteristic, human interaction proof entrance 140 can check biological characteristic member Data are described(Such as audio metadata is described)To determine whether user is bad actor.Fig. 7 is used to divide with flow chart illustration Analyse one embodiment of the method 700 of the biological characteristic metadata description of audio input.Human interaction proof entrance 140 can connect Receive the response based on audio input and represent 420(Block 702).Human interaction proof entrance 140 can ask audio input with proving Ask that response compares(Block 704).If audio input and proof inquiry response are mismatched(Block 706), then human interaction proof enter Mouth 140 can will be used and be labeled as possible bad actor(Block 708).
Human interaction proof entrance 140 can determine whether audio input comes from VODER(Block 710).If audio Input shows the sign from VODER(Block 712), then human interaction proof entrance 140 can be by user's mark for can The bad actor of energy(Block 708).Human interaction proof entrance 140 can measure the dull aspect of audio input(Block 714).It is single The tonal variations of description audio input in terms of tune.If audio input is more more dull than specified dull thresholding(Block 716), then people User's mark can be possible bad actor by class interaction proof entrance 140(Block 708).Human interaction proof entrance 140 Can track proves the response time of response 306(Block 718).If the response time indicates suspicious user, such as in response to card Bright inquiry 304 or proofs in queue inquires the user exceedingly put into practice when 304(Block 720), then human interaction proof enter User's mark can be possible bad actor by mouth 140(Block 708).
Human interaction proof entrance 140 can compare the vocal print of audio input with user account configuration file(Block 722).If the human interaction proof inlet needle user different to unique user account identification(Block 724), then human interaction proof User's mark can be possible bad actor by entrance 140(Block 708).Human interaction proof entrance 140 can identify tool There is the user interacted with human interaction proof entrance higher than frequent usage threshold, used so as to indicate the user to be multiple Family account is responded.If voice print identification is to belong to frequently user by human interaction proof entrance 140(Block 726), then people User's mark can be possible bad actor by class interaction proof entrance 140(Block 708).Human interaction proof entrance 140 The network address of user equipment, such as Internet protocol can be checked(IP)Address(Block 728).If human interaction proof entrance Determine user not at the network address enjoyed high prestige(Block 730), then human interaction proof entrance 140 can be by user's mark Possible bad actor(Block 708).
User equipment 110 can receive biological characteristic from user and input, such as audio input, and the biological characteristic is defeated Enter to be sent to human interaction proof entrance 140.Fig. 8 is used to carry out human interaction using user equipment 110 with flow chart illustration Prove one embodiment of the method 800 of session 300.User equipment 110 can be by the access request of online data services 120 302 are sent to human interaction proof entrance 140(Block 802).User equipment 110 can be received from human interaction proof entrance 140 Prove inquiry 304(Such as audio words)For being presented to user(Block 804).User equipment 110 can regard audio words as card Bright inquiry 304 is presented to user(Block 806).User equipment 110 can be in response to proving inquiry 304 from user's reception biological characteristic Input.For example, user equipment 110 can be in response to proving inquiry 304 from user's reception audio input(Block 808).User equipment 110 can will demonstrate that response 306 is sent to human interaction proof entrance 140(Block 810).
User equipment 110 can be sent to the preceding processing biological characteristic input of human interaction proof entrance 140.Fig. 9 is used Flow chart illustration has the method for carrying out human interaction proof session 300 using user equipment 110 that user side is handled 900 one embodiment.Access request 302 to online data services 120 can be sent to human interaction by user equipment 110 Prove entrance 140(Block 902).User equipment 110 can receive conversion applet 112 from human interaction proof entrance 140 For installing(Block 904).User equipment 110 can be received from human interaction entrance 140 proves inquiry 304(Such as text chunk) For being presented to user(Block 906).User equipment 110 can be by text chunk(Such as distortion text word)It is used as proof inquiry 304 are presented to user(Block 908).User equipment 110 can be in response to proving inquiry 304 from user's reception audio input(Block 910).User equipment 110 can be created based on audio input response represent 420, such as text word, audio file or it is other in Between form represent(Block 912).User equipment 110 can be based on the audio input to be sent to human interaction proof entrance 140 430 are described to create biological characteristic metadata(Block 914).User equipment 110 can use conversion applet to be signed at Prove response with to proving that response 400 is authenticated(Block 916).User equipment 110 can will have response to represent 420 and biological The proof response 306 that metadata describes 430 is sent to human interaction proof entrance 140(Block 918).
Although describing this theme with the language specific to architectural feature and/or methodology behavior, it should manage Theme in solution, appended claims is not necessarily limited to special characteristic described above or behavior.On the contrary, spy described above Determine feature and behavior to be disclosed as the exemplary forms for implementing claim.
Embodiment within the scope of the invention can also include being used to carry or with the computer being stored thereon The non-transitory computer-readable storage medium of executable instruction or data structure.The computer-readable storage of such non-transitory Media can be any available media that can be accessed by all-purpose computer or special-purpose computer.It is unrestricted as example, Such non-transitory computer-readable storage medium can include RAM, ROM, EEPROM, CD-ROM or other optical disc storage dress Put, disk storage device or other magnetic data storage devices, or can be used to computer executable instructions or data structure Form carrying or store any other medium of desired program code component.Combination of the above should be also included In the range of non-transitory computer-readable storage medium.
Embodiment can also wherein task by(Combined by hard wired links, Radio Link or by it)Via communication Network and put into practice in DCE that linked local and remote processing equipment is implemented.
Computer executable instructions include for example making all-purpose computer, special-purpose computer or dedicated treatment facility implement some The instruction and data of function or one group of function.Computer executable instructions also include by the computer in independence or network environment Lai The program module of execution.Usually, program module include implement particular task or implement particular abstract data type routine, Program, object, component and data structure etc..Computer executable instructions, associated data structure and program module table Show the example of program code devices the step of for performing method disclosed herein.Such executable instruction or correlation The particular order of the data structure of connection represents the example of the corresponding behavior for implementing the function described in such step.
Although foregoing description can include specific detail, they should not he construed as being limiting in any way right It is required that.The other configurations of described embodiment be scope of the present disclosure a part.For example, the principle of present disclosure Each single user can be applied to, wherein each user can individually dispose such system.Even if largely may Application in any one without using feature described herein, this is also enabled each user to using in the disclosure The benefit of appearance.Each of multiple examples of electronic equipment can be with various possible mode process contents.Embodiment may not be In the system used by all terminal users.Therefore, appended claims and its legal equivalents should only limit this hair Bright rather than given any particular example.

Claims (10)

1. it is a kind of for human interaction proof session, the method that machine is implemented, including:
The access request to online data services is received from user equipment;
It will demonstrate that inquiry is sent to the user equipment to be presented to user;
Being received from the user equipment proves response, described to prove that response has by conversion applet in the user equipment The biological characteristic metadata description that place is extracted from the biological characteristic input from the user, the biological characteristic metadata description Describe at least one in level, tone and the speed of the biological characteristic input;And
The biological characteristic metadata description that the biological characteristic is inputted with by the input from multiple sessions and user's account The user model for the user account configuration file that family is polymerize compares.
2. according to the method described in claim 1, further comprise:
The conversion applet is sent to be installed by the user equipment.
3. according to the method described in claim 1, further comprise:
By biological characteristic input with proving that inquiry response compares.
4. according to the method described in claim 1, further comprise:
The response based on audio input is received to represent.
5. method according to claim 4, further comprises:
Measure the dull aspect of the audio input.
6. method according to claim 4, further comprises:
It is to belong to frequently user by voice print identification.
7. according to the method described in claim 1, further comprise:
Access to user account is permitted based on biological characteristic input.
8. a kind of for human interaction proof session, the method that machine is implemented, methods described includes:
Access request to online data services is sent to human interaction proof entrance;
Being received from the human interaction proof entrance proves inquiry to be presented to user;
Prove that inquiry receives audio input from the user in response to described;
Existed based on the audio input to be sent to the human interaction proof entrance to create by conversion applet The biological characteristic metadata description generated at the user equipment;And
The biological characteristic metadata is described to be signed to indicate the biological characteristic using the conversion applet Metadata description comes from the conversion applet.
9. a kind of human interaction proof entrance, including:
Communication interface, it is configured to receive the access request to online data services from user equipment;And
Processor, it, which is configured to generation, proves inquiry to be presented to user and be used for checking biological characteristic input member Data description is to determine whether to permit the access to the online data services, and biological characteristic description is existed by conversion applet Generate and signed to indicate that the description of biological characteristic metadata comes from the conversion applet at the user equipment.
10. human interaction proof entrance according to claim 9, wherein the processor determines the biological characteristic input Whether metadata description describes VODER.
CN201380040948.3A 2012-08-02 2013-08-01 Human interaction proof is used as using the ability of speaking Active CN104509065B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/564722 2012-08-02
US13/564,722 US9390245B2 (en) 2012-08-02 2012-08-02 Using the ability to speak as a human interactive proof
PCT/US2013/053107 WO2014022602A2 (en) 2012-08-02 2013-08-01 Using the ability to speak as a human interactive proof

Publications (2)

Publication Number Publication Date
CN104509065A CN104509065A (en) 2015-04-08
CN104509065B true CN104509065B (en) 2017-11-07

Family

ID=48986235

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380040948.3A Active CN104509065B (en) 2012-08-02 2013-08-01 Human interaction proof is used as using the ability of speaking

Country Status (6)

Country Link
US (2) US9390245B2 (en)
EP (1) EP2880834B1 (en)
JP (1) JP6697265B2 (en)
KR (1) KR102210775B1 (en)
CN (1) CN104509065B (en)
WO (1) WO2014022602A2 (en)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104104664A (en) * 2013-04-11 2014-10-15 腾讯科技(深圳)有限公司 Method, server, client and system for verifying verification code
EP2921984B1 (en) * 2014-03-21 2019-11-20 Samsung Electronics Co., Ltd System and method for executing file by using biometric information
FR3019424A1 (en) * 2014-03-31 2015-10-02 Orange METHOD OF CONSTRUCTING A MESSAGE BY A TERMINAL
WO2015194135A1 (en) 2014-06-19 2015-12-23 日本電気株式会社 Authentication device, authentication system, authentication method, and program storage medium
US9555807B2 (en) * 2015-05-01 2017-01-31 Delphi Technologies, Inc. Automated vehicle parameter modification based on operator override
US20160381560A1 (en) * 2015-06-27 2016-12-29 Offla Selfsafe Ltd. Systems and methods for derivative fraud detection challenges in mobile device transactions
US11030618B1 (en) 2016-09-30 2021-06-08 Winkk, Inc. Authentication and personal data sharing for partner services using out-of-band optical mark recognition
CN108681934A (en) * 2018-04-25 2018-10-19 厦门快商通信息技术有限公司 A kind of recognition methods of transaction platform and its bad user
US11637694B2 (en) 2018-07-16 2023-04-25 Winkk, Inc. Secret material exchange and authentication cryptography operations
RU2744063C1 (en) * 2018-12-18 2021-03-02 Общество С Ограниченной Ответственностью "Яндекс" Method and system for determining speaking user of voice-controlled device
CN109801638B (en) * 2019-01-24 2023-10-13 平安科技(深圳)有限公司 Voice verification method, device, computer equipment and storage medium
US11328042B2 (en) 2019-12-10 2022-05-10 Winkk, Inc. Automated transparent login without saved credentials or passwords
US11553337B2 (en) 2019-12-10 2023-01-10 Winkk, Inc. Method and apparatus for encryption key exchange with enhanced security through opti-encryption channel
US11928193B2 (en) 2019-12-10 2024-03-12 Winkk, Inc. Multi-factor authentication using behavior and machine learning
US11574045B2 (en) 2019-12-10 2023-02-07 Winkk, Inc. Automated ID proofing using a random multitude of real-time behavioral biometric samplings
US11936787B2 (en) * 2019-12-10 2024-03-19 Winkk, Inc. User identification proofing using a combination of user responses to system turing tests using biometric methods
US11652815B2 (en) 2019-12-10 2023-05-16 Winkk, Inc. Security platform architecture
US11657140B2 (en) 2019-12-10 2023-05-23 Winkk, Inc. Device handoff identification proofing using behavioral analytics
US11843943B2 (en) 2021-06-04 2023-12-12 Winkk, Inc. Dynamic key exchange for moving target
US11824999B2 (en) 2021-08-13 2023-11-21 Winkk, Inc. Chosen-plaintext secure cryptosystem and authentication
US20230142081A1 (en) * 2021-11-10 2023-05-11 Nuance Communications, Inc. Voice captcha

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5960399A (en) * 1996-12-24 1999-09-28 Gte Internetworking Incorporated Client/server speech processor/recognizer

Family Cites Families (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS63106798A (en) * 1986-10-24 1988-05-11 株式会社東芝 Personal validation apparatus
US6266640B1 (en) * 1996-08-06 2001-07-24 Dialogic Corporation Data network with voice verification means
US6618806B1 (en) 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
JP4120997B2 (en) * 1998-10-23 2008-07-16 富士通株式会社 Unauthorized access determination device and method
US6978238B2 (en) * 1999-07-12 2005-12-20 Charles Schwab & Co., Inc. Method and system for identifying a user by voice
JP2001052125A (en) * 1999-08-05 2001-02-23 Casio Comput Co Ltd Device and system for authentication
JP4440414B2 (en) * 2000-03-23 2010-03-24 富士通株式会社 Speaker verification apparatus and method
JP4390122B2 (en) * 2001-03-14 2009-12-24 富士通株式会社 User authentication system using biometric information
US6898568B2 (en) * 2001-07-13 2005-05-24 Innomedia Pte Ltd Speaker verification utilizing compressed audio formants
US20030037004A1 (en) * 2001-08-14 2003-02-20 Chuck Buffum Dialog-based voiceprint security for business transactions
JP2003087860A (en) * 2001-09-10 2003-03-20 Ntt Docomo Tokai Inc Method and system for personal identification in mobile communication, and personal identification device
JP2003114617A (en) * 2001-10-03 2003-04-18 Systemfrontier Co Ltd System and method for authentication using voice
JP2004038848A (en) * 2002-07-08 2004-02-05 Apukotto:Kk Personal authentication method, its device and personal authentication program
JP2004133119A (en) * 2002-10-09 2004-04-30 Matsushita Electric Ind Co Ltd Portable terminal device
US20040199469A1 (en) * 2003-03-21 2004-10-07 Barillova Katrina A. Biometric transaction system and method
US20060047766A1 (en) 2004-08-30 2006-03-02 Squareanswer, Inc. Controlling transmission of email
US7484102B2 (en) * 2004-09-07 2009-01-27 Microsoft Corporation Securing audio-based access to application data
JP4778242B2 (en) * 2005-01-26 2011-09-21 Necビッグローブ株式会社 Personal information communication system and method
JP4719493B2 (en) * 2005-03-31 2011-07-06 綜合警備保障株式会社 Authentication system and authentication method
US8036902B1 (en) * 2006-06-21 2011-10-11 Tellme Networks, Inc. Audio human verification
CA2676395C (en) 2007-01-23 2015-09-15 Carnegie Mellon University Controlling access to computer systems and for annotating media files
CN101241572B (en) * 2007-02-08 2015-12-09 天地融科技股份有限公司 A kind of method of operating of electric signing tools and electric signing tools
US20090055193A1 (en) 2007-02-22 2009-02-26 Pudding Holdings Israel Ltd. Method, apparatus and computer code for selectively providing access to a service in accordance with spoken content received from a user
US20090183247A1 (en) 2008-01-11 2009-07-16 11I Networks Inc. System and method for biometric based network security
US8140340B2 (en) * 2008-01-18 2012-03-20 International Business Machines Corporation Using voice biometrics across virtual environments in association with an avatar's movements
JP5400301B2 (en) * 2008-01-23 2014-01-29 インターナショナル・ビジネス・マシーンズ・コーポレーション Authentication server device, authentication method, and authentication program
US8536976B2 (en) 2008-06-11 2013-09-17 Veritrix, Inc. Single-channel multi-factor authentication
US8222886B2 (en) 2008-06-18 2012-07-17 Hioki Denki Kabushiki Kaisha Voltage detecting apparatus and line voltage detecting apparatus having a detection electrode disposed facing a detected object
US8489399B2 (en) 2008-06-23 2013-07-16 John Nicholas and Kristin Gross Trust System and method for verifying origin of input through spoken language analysis
US8793135B2 (en) 2008-08-25 2014-07-29 At&T Intellectual Property I, L.P. System and method for auditory captchas
US20100076770A1 (en) * 2008-09-23 2010-03-25 Veeru Ramaswamy System and Method for Improving the Performance of Voice Biometrics
US8190544B2 (en) * 2008-12-12 2012-05-29 International Business Machines Corporation Identifying and generating biometric cohorts based on biometric sensor input
WO2010084209A1 (en) * 2009-01-23 2010-07-29 Vanios Consulting, S.L. Secure access control system
GB0910897D0 (en) * 2009-06-24 2009-08-05 Vierfire Software Ltd Authentication method and system
US20110029371A1 (en) 2009-07-30 2011-02-03 Devries Derek Method and system of allocation of popularity credit in a private communications network
US8312073B2 (en) * 2009-08-04 2012-11-13 Palo Alto Research Center Incorporated CAPTCHA-free throttling
JP5325746B2 (en) * 2009-11-05 2013-10-23 エヌ・ティ・ティ・コムウェア株式会社 Service providing system, service providing method and program
US8656486B2 (en) * 2010-02-12 2014-02-18 Authentec, Inc. Biometric sensor for human presence detection and associated methods
US9286913B2 (en) * 2010-03-30 2016-03-15 Nec Corporation Atmosphere expression word selection system, atmosphere expression word selection method, and program
US20110320201A1 (en) * 2010-06-24 2011-12-29 Kaufman John D Sound verification system using templates
US20120232907A1 (en) * 2011-03-09 2012-09-13 Christopher Liam Ivey System and Method for Delivering a Human Interactive Proof to the Visually Impaired by Means of Semantic Association of Objects
US8522327B2 (en) * 2011-08-10 2013-08-27 Yahoo! Inc. Multi-step captcha with serial time-consuming decryption of puzzles
US20130347067A1 (en) 2012-06-21 2013-12-26 Microsoft Corporation Dynamic human interactive proof
US9965607B2 (en) * 2012-06-29 2018-05-08 Apple Inc. Expedited biometric validation

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5960399A (en) * 1996-12-24 1999-09-28 Gte Internetworking Incorporated Client/server speech processor/recognizer

Also Published As

Publication number Publication date
WO2014022602A3 (en) 2014-03-27
EP2880834B1 (en) 2018-11-07
KR102210775B1 (en) 2021-02-01
US20170134376A1 (en) 2017-05-11
US9390245B2 (en) 2016-07-12
JP6697265B2 (en) 2020-05-20
CN104509065A (en) 2015-04-08
WO2014022602A2 (en) 2014-02-06
JP2015528969A (en) 2015-10-01
US10158633B2 (en) 2018-12-18
KR20150040892A (en) 2015-04-15
EP2880834A2 (en) 2015-06-10
US20140039892A1 (en) 2014-02-06

Similar Documents

Publication Publication Date Title
CN104509065B (en) Human interaction proof is used as using the ability of speaking
Abdullah et al. Sok: The faults in our asrs: An overview of attacks against automatic speech recognition and speaker identification systems
KR101757990B1 (en) Method and device for voiceprint indentification
JP5695709B2 (en) Method and system for validating personal account identifiers using biometric authentication and self-learning algorithms.
KR101201151B1 (en) User authentication by combining speaker verification and reverse turing test
US20190013026A1 (en) System and method for efficient liveness detection
CN104217149B (en) Biometric authentication method and equipment based on voice
US20130132093A1 (en) System and Method for Generating Challenge Items for CAPTCHAs
CN104158664A (en) Identity authentication method and system
CN112105297A (en) Health-related information generation and storage
Turner et al. Attacking speaker recognition systems with phoneme morphing
KR102079303B1 (en) Voice recognition otp authentication method using machine learning and system thereof
Zhang et al. Volere: Leakage resilient user authentication based on personal voice challenges
US20180342240A1 (en) System and method for assessing audio files for transcription services
CN113033191A (en) Voice data processing method, electronic device and computer readable storage medium
CN112397072B (en) Voice detection method and device, electronic equipment and storage medium
Mubeen et al. Detection of impostor and tampered segments in audio by using an intelligent system
Tietz et al. Verification of keyboard acoustics authentication on laptops and smartphones using webrtc
Turner Security and privacy in speaker recognition systems
Adamski A speaker recognition solution for identification and authentication
WO2023013060A1 (en) Information processing system, information processing device, information processing method, and recording medium
CN107194686B (en) Voice payment method and system
Zhang Understanding and Securing Voice Assistant Applications
Aloufi et al. On-Device Voice Authentication with Paralinguistic Privacy
CN117892277A (en) Login authentication method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: MICROSOFT TECHNOLOGY LICENSING LLC

Free format text: FORMER OWNER: MICROSOFT CORP.

Effective date: 20150713

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20150713

Address after: Washington State

Applicant after: Micro soft technique license Co., Ltd

Address before: Washington State

Applicant before: Microsoft Corp.

GR01 Patent grant
GR01 Patent grant